On Mon, Jul 30, 2018 at 05:40:27PM +0000, Kyle Evans wrote: > Author: kevans > Date: Mon Jul 30 17:40:27 2018 > New Revision: 336919 > URL: https://svnweb.freebsd.org/changeset/base/336919 > > Log: > efirt: Add tunable to allow disabling EFI Runtime Services > > Leading up to enabling EFIRT in GENERIC, allow runtime services to be > disabled with a new tunable: efi.rt_disabled. This makes it so that EFIRT > can be disabled easily in case we run into some buggy UEFI implementation > and fail to boot. > > Discussed with: imp, kib > MFC after: 1 week > > Modified: > head/sys/dev/efidev/efirt.c > > Modified: head/sys/dev/efidev/efirt.c > ============================================================================== > --- head/sys/dev/efidev/efirt.c Mon Jul 30 17:03:15 2018 > (r336918) > +++ head/sys/dev/efidev/efirt.c Mon Jul 30 17:40:27 2018 > (r336919) > @@ -133,7 +133,12 @@ efi_init(void) > struct efi_md *map; > caddr_t kmdp; > size_t efisz; > + int rt_disabled; > > + rt_disabled = 0; > + TUNABLE_INT_FETCH("efi.rt_disabled", &rt_disabled);
Would it be a good idea to document this tunable in loader(8)? Thanks, -- Shawn Webb Cofounder and Security Engineer HardenedBSD Tor-ified Signal: +1 443-546-8752 Tor+XMPP+OTR: latt...@is.a.hacker.sx GPG Key ID: 0x6A84658F52456EEE GPG Key Fingerprint: 2ABA B6BD EF6A F486 BE89 3D9E 6A84 658F 5245 6EEE
signature.asc
Description: PGP signature
